I'd like to use a remote host for git, such as github.com. What worries me about it is that I'm putting our source code into the hands of a third party. Who knows who has access to it on the other side of the wire.

So I'd like to know if any of you been able to solve that somehow, maybe via encryption, perhaps? Traditional encryption would cause the entire file to change every time it's encrypted, thus git would get confused and all of it's wonderful diff/merge stuff would be disabled.

Is my only option to get a server and host git myself? I was hoping to not have to do that, as it's more expensive and more time consuming to set up.

Thanks,

rw

logic_earth
—
2012-10-06T19:23:02Z —
#2

Why don't you ask the folks at github on who has access to the Private git repositories?

No GitHub employees ever access private repositories unless required to for support reasons. Staff working directly in the file store access the compressed Git database, your code is never present as plaintext files like it would be in a local clone. Support staff may log into your account to access settings related to your support issue. In rare cases staff may need to pull a clone of your code, this will only be done with your consent. Support staff does not have direct access to clone any repo, they will need to temporarily attach their SSH key to your account to pull a clone. When working a support issue we do our best to respect your privacy as much as possible, we only access the files and settings needed to resolve your issue. All cloned repos are deleted as soon as the support issue has been resolved.

Rotwang
—
2012-10-06T20:37:15Z —
#3

logic_earth said:

Why don't you ask the folks at github on who has access to the Private git repositories?

I did ask them, twice. No email response in the past 48 hrs. Thanks, it looks like they do have access "but only with my consent". Not good enough. I guess I have to host my own unless another host can do it right, like beanstalk or cloudforge.